Skip to topic | Skip to bottom
Home
Federation
Hello TWikiGuest

Create personal sidebar
Federation.EmptyRemoteUserr1.1 - 25 Aug 2007 - 17:19 - BrucLiongtopic end
Start of topic | Skip to actions

Tomcat application doesn't get REMOTE_USER

Make sure that the application is jk-mounted to correct port, i.e. if you have port 8009 on workers2.properties 

   workers.tomcat_home=/usr/local/tomcat
   workers.java_home=/usr/lib/jvm/java-1.5.0-sun-1.5.0.07
   ps=/
   worker.list=shibboleth tomcat

   # Definition for local worker using AJP 1.3
   #
   worker.shibboleth.type=ajp13
   worker.shibboleth.host=localhost
   worker.shibboleth.port=8009

and the application is mounted on that particular worker 

   JkMount /myApplication* shibboleth

Try to see if your $TOMCAT_HOME/conf/server.xml on port 8009 configured correctly (particularly pay attention to tomcatAuthentication=false) 

<Connector port="8009" address="127.0.0.1"
    request.tomcatAuthentication="false" tomcatAuthentication="false"
    enableLookups="false" redirectPort="8443" protocol="AJP/1.3" />

Setting tomcatAuthentication="true" will reset any authenticated information passed from apache, hence the missing REMOTE_USER.

Rarely, you may not get REMOTE_USER if the mapping in AAP is not correct or the IdP doesn't release such attribute.


to top
End of topic
Skip to action links | Back to top

Edit | Attach image or document | Printable version | Raw text | More topic actions
Revisions: | r1.1 | Total page history | Backlinks
You are here: Federation > FrequentlyAskedQuestions > EmptyRemoteUser

to top

Copyright © 1999-2010 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback